<?php
(!defined('IN_SYSTEM') || !defined('ADMIN_PRE')) && exit('Access Denied!');
$f = isset($_REQUEST['f'])?$_REQUEST['f']:'index';
if(isset($_G['usergroup']['access']["blk$f"]) && !ican("blk$f")){
	msg('没有权限');
}
$m = new BlockModule;
$m->$f();
class BlockModule
{
	function index() {
		global $_G;
		$query=$_G['db']->page_query("SELECT * FROM".table('block')."WHERE 1 $where $order",10);
		while($rs=$_G['db']->fetch_array($query)){
			$datas[]=$rs;
		}
		$num=$_G['db']->result("SELECT count(blockid) FROM".table('block')."WHERE 1 $where ");
		$page=pager($num,10);
		include admintemplate('block/index');
	}
	function add(){
		global $_G;
		$id=getGP('id','','int');
		if(check_submit("blksubmit")) {
			$post=getGP('block','p','array');
			$data=array(
				'name' => check_str($post['name']),
				'module' => check_str($post['module']),
				'template' => check_str($post['template']),
				'maxnum' => intval($post['maxnum']),
				'listorder' => intval($post['listorder']),
			);
			
			if( !$data['name'] ) msg(l('please input title','block'));
			
			if( $id ) {
				$_G['db']->update('block',$data,array('blockid'=>$id));
			} else {
				$_G['db']->insert('block',$data);
			}
			msg(l('Operation Succes','block'),url('admin.php?m=block&f=index'));
		}
		if($id){
			$block=$_G['db']->fetch('block','*',array('blockid'=>$id));
		}
		include admintemplate('block/add');
	}
	
	function delete(){
		global $_G;
		if( !ican('blkdelete') )msg(l('No Permission','block'));
		$id=getGP('id','G','int');
		$ids=getGP('id','P','array');
		
		if($id<1  && empty($ids))msg(l('Parameter Error','block'));
		
		if( $id ){
			$_G['db']->delete('block',array('blockid'=>$id));
			$_G['db']->delete('block_data',array('blockid'=>$id));
		}
		if( !empty($ids) ){
			$_G['db']->delete('block','blockid IN('.implode(',',$ids).')');
			$_G['db']->delete('block_data','blockid IN('.implode(',',$ids).')');
		}
		msg(l('Operation Succes','block'));
	}
	
	function edit(){
		global $_G;
		if( !ican('blkedit') )msg(l('No Permission','block'));
		$ids=getGP('id','P','array');
		$listorder=getGP('listorder','P','array');
		
		if(empty($ids))msg(l('Parameter Error','block'));
		
		if( !empty($ids) ) {
			foreach($ids as $id) {
				if($id < 1) continue;
				$data = array(
					'listorder' => $listorder[$id]
				);
				$_G['db']->update('block',$data,array('blockid'=>$id));
			}
		}
		msg(l('Operation Succes','block'));
	}
	
	function data(){
		global $_G;
		$id=getGP('id','G','int');
		if(!$id)msg(l('Parameter Error','block'));
		$where = " AND blockid=$id";
		$order = "ORDER BY listorder ASC";
		$query=$_G['db']->page_query("SELECT * FROM".table('block_data')."WHERE 1 $where $order",10);
		while($rs=$_G['db']->fetch_array($query)){
			$datas[]=$rs;
		}
		$num=$_G['db']->result("SELECT count(bdid) FROM".table('block_data')."WHERE 1 $where ");
		$page=pager($num,10);
		include admintemplate('block/data');
	}
	function data_add(){
		global $_G;
		$id=getGP('id','','int');
		$blockid=getGP('blockid','','int');
		if(check_submit("blkdatasubmit")) {
			$post=getGP('block','p','array');
			if( !$post['title'] ) msg(l('please input title','block'));
			if($_FILES['advimage']) {
				include libfile('upload.php');
				$upload = new upload('jpg|png|jpeg|bmp|swf', $_G['settings']['upload']['file_size'], 'advimage');
				$upload->set_dir(BASE_ROOT.DATA_DIR.'block/');
				$files = $upload->execute_single();
				if($files['status'] == 1){
					$thumb = BASE_URL.$files['path'].$files['name'];
				}
			} else {
				$thumb = getGP('advimage','p');
			}
				
			$data=array(
				'bdid'=>$id,
				'blockid'=>$blockid,
				'thumb'=>$thumb?1:0,
				'status'=>intval($post['status']),
				'expiration'=>$post['expiration']?gtime($post['expiration']):0,
				'listorder'=>intval($post['listorder']),
				'data'=>my_serialize(array('id'=>$id,'title'=>check_str($post['title']),'summary'=>check_str($post['summary']),'thumb'=>$thumb,'dateline'=>$post['dateline']?gtime($post['dateline']):0,'url'=>$post['url'])),
			);
			
			if( $id ) {
				$_G['db']->update('block_data',$data,array('blockid'=>$blockid,'bdid'=>$id));
			} else {
				$_G['db']->insert('block_data',$data);
			}
			msg(l('Operation Succes','block'),url('admin.php?m=block&f=data&id='.$blockid));
		}
		if($id){
			$block=$_G['db']->fetch('block_data','*',array('blockid'=>$blockid,'bdid'=>$id));
			$block['data']=unserialize($block['data']);
		}
		include admintemplate('block/data_add');
	}
	function data_delete(){
		global $_G;
		if( !ican('blkdelete') )msg(l('No Permission','block'));
		$id=getGP('id','G','int');
		$ids=getGP('id','P','array');
		$blockid=getGP('blockid','','int');
		
		if($id<1  && empty($ids) || !$blockid)msg(l('Parameter Error','block'));
		
		if( $id )$_G['db']->delete('block_data',array('blockid'=>$blockid,'bdid'=>$id));
		if( !empty($ids) )$_G['db']->delete('block_data','bdid IN('.implode(',',$ids).') AND blockid='.$blockid);
		msg(l('Operation Succes','block'));
	}
	function data_edit(){
		global $_G;
		if( !ican('blkdataedit') )msg(l('No Permission','block'));
		$ids=getGP('id','P','array');
		$listorder=getGP('listorder','P','array');
		$blockid=getGP('blockid','P','int');
		if(empty($ids) || !$blockid)msg(l('Parameter Error','block'));
		
		if( !empty($ids) ) {
			foreach($ids as $id) {
				if($id < 1) continue;
				$data = array(
					'listorder' => $listorder[$id]
				);
				$_G['db']->update('block_data',$data,array('bdid'=>$id,'blockid'=>$blockid));
			}
		}
		msg(l('Operation Succes','block'));
	}
}